cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Users with Content_admin role see all shared folder (but not all MyDocuments)

Go to solution
former_member202734
Participant

on ‎09-25-2014 3:14 PM

0 Kudos

Hello,

as portal manager we have the Content_admin role (the same for technical team).  In Mobile document (whatever the device) we see all shared content.  I mean also share created by a normal user.

I checked repository definition, document classification in /mcm/admin, system principal in KM,... and found nothing.

So I don't understand why in /MCM/Browser (or IOS app) I see all shared content by MyDocument (not all MyDocument created by user) only ?

A soon as I remove Content_admin role (or super_admin) from my profile I see only shared content I created.

So is it possible to avoid the access to all shared_content with Content_admin role and why I don't this for MyDocuments part ?

Vincent

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

former_member192447
Explorer
‎09-26-2014 7:25 AM
0 Kudos

Hi Vincent,

the reason why as a content admin you see all shared content lies in the method how the data is fetched.

For MyDocuments it's simple we just show everything that lies within your MyDocuments directory. For the Sharing it is a bit different as you want to see all share where you have access to (normally because you are invited by the share owner). To get all these shares we execute a query that returns all shares where you have access to and as a content admin you have access to all files in KM which means also to all shares.

Best regards

Alex

Show replies
Show replies
former_member202734
Participant
‎09-26-2014 9:32 AM
0 Kudos

OK...

Thank you for this info.

It means (and we should do for for a while) that we have to remove Content_admin from our profile (LDAP userID) to keep it for a system admin (UME) user only in order to avoid to get all share in MCM (not managable).

Best regards.

Vincent

Former Member
‎10-29-2014 8:12 AM
0 Kudos

Hi Vincent,

please be aware that a Content Admin is allowed to see and manage all KM content despite access control entries. He is technically able to also see personal documents stored in MyDocuments by using native UIs. This role should not be given to any users besides the one that are responsible for the administration.

Regards, Karsten

Answers (0)

Ask a Question